# Contributor: prymeroot <pryme@gmx.com>
# Contributor: Jeff Bilyk <jbilyk@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=fail2ban
pkgver=1.1.0
pkgrel=2
pkgdesc="Scans log files for login failures then updates iptables to reject originating ip address"
url="https://www.fail2ban.org/"
arch="noarch"
license="GPL-2.0-or-later"
depends="python3 iptables logrotate"
makedepends="python3-dev py3-setuptools bash"
subpackages="$pkgname-pyc $pkgname-tests $pkgname-doc $pkgname-openrc"
source="$pkgname-$pkgver.tar.gz::https://github.com/fail2ban/fail2ban/archive/$pkgver.tar.gz
	fail2ban.initd
	fail2ban.confd
	fail2ban.logrotate
	alpine-ssh.jaild
	alpine-sshd.filterd
	alpine-sshd-ddos.filterd
	"
options="!check" # really flaky

# secfixes:
#   0.11.2-r2:
#     - CVE-2021-32749

build() {
	python3 setup.py build
}

check() {
	python3 setup.py test
}

package() {
	python3 setup.py install --root "$pkgdir"
	# Replace absolute symlink with relative one
	ln -svf python3 "$pkgdir"/usr/bin/fail2ban-python

	install -Dm755 "$srcdir"/fail2ban.initd "$pkgdir"/etc/init.d/fail2ban
	install -Dm644 "$srcdir"/fail2ban.confd "$pkgdir"/etc/conf.d/fail2ban
	install -Dm644 "$srcdir"/fail2ban.logrotate \
		"$pkgdir"/etc/logrotate.d/fail2ban
	install -Dm644 "$srcdir"/alpine-ssh.jaild \
		"$pkgdir"/etc/fail2ban/jail.d/alpine-ssh.conf
	install -Dm644 "$srcdir"/alpine-sshd.filterd \
		"$pkgdir"/etc/fail2ban/filter.d/alpine-sshd.conf
	install -Dm644 "$srcdir"/alpine-sshd-ddos.filterd \
		"$pkgdir"/etc/fail2ban/filter.d/alpine-sshd-ddos.conf

	install -Dm644 -t "$pkgdir"/usr/share/man/man1 man/*.1
	install -Dm644 -t "$pkgdir"/usr/share/man/man5 man/*.5

	# TODO: Create paths-alpine.conf and remove paths-debian.conf.
	find "$pkgdir"/etc/fail2ban/ -name 'paths-*.conf' \
		-a ! -name 'paths-common.conf' \
		-a ! -name 'paths-debian.conf' \
		-delete
}

tests() {
	pkgdesc="Fail2ban test cases"
	depends="$pkgname=$pkgver-r$pkgrel"

	amove usr/bin/fail2ban-testcases
	amove usr/lib/python3.*/site-packages/fail2ban/tests
}

sha512sums="
9bff7b9c41e58a953901800468e5c4153c9db6af01c7eb18111ad8620b40d03a0771020472fb759b2809d250e2bb45471e6c7e8283e72ea48290ecf7bf921821  fail2ban-1.1.0.tar.gz
9ba3da904e2169264ca2ad3af1a6c10ba82f559b9c746d20c515ec806263a7fe0576536e38e4e6107cd551048aa8868b45986f1a803a049ea745158678b8d8be  fail2ban.initd
1e7581dd04e7777d6fd5c40cc842a7ec5f4e6a0374673d020d89dd61bf4093d48934844bee89bcac9084f9ae44f3beb66e714cf3c2763d79c3e8feb790c5e43b  fail2ban.confd
ee1c229db970239ebc707cd484a650fcf2347c70b411728ee2a4a35a72f4118cfccecf2a221275603320e0332efcc16e4979201933cec1aef1c5d5a082fc4940  fail2ban.logrotate
84915967ae1276f1e14a5813680ee2ebf081af1ff452a688ae5f9ac3363f4aff90e39f8e6456b5c33d5699917d28a16308797095fd1ef9bb1fbcb46d4cea3def  alpine-ssh.jaild
29f6d7c4da41ccfd92c425237c6fa69e7f195d04530da0cbe98e013a9ebd7512d638cccf08b39077effe82ac52695168f3390a13718b30c9ce923ad113444964  alpine-sshd.filterd
1b19318940852de590ad9b3b7e58ab98d71b686b91984aa7abc16c757cdab3a3a88a2707cdf9b1c008875e830f78b7e515a189c891963fa44626078aa00ca318  alpine-sshd-ddos.filterd
"
